Internal Audit’s Role in Cyber Preparedness

Most of today’s cybersecurity efforts focus on prevention. But a new report released at the 2015 Governance, Risk and Control Conference urges companies and organizations to take a more comprehensive view of cybersecurity—from prevention through recovery. The report, Internal Audit’s Role in Cyber Preparedness:  The Importance of a Holistic Approach, was published by The Institute of Internal Auditors and explains how a well-supported internal audit function can play a vital role in the prevention of and recovery from a cyberattack.

If you’re a member of the audit or senior management team, you know cyberattacks are increasing daily and that your company’s information is always at risk. You can’t afford to overlook any effective countermeasure, especially an internal audit. Organizations must learn to anticipate, withstand and recover from cyberattacks to be truly “cyber-prepared.”

The report explores five key areas of cyber preparedness—protection, detection, business continuity, crisis management and communications and continuous improvement. Each area is critical to overall preparedness. New technology-driven risks will continue to emerge at ever-increasing speeds. An internal audit can and will play a vital role in helping an organization prosper in a cyber-threatened world.

The report concludes with a warning:  “Only organizations that develop the skills to cope with these threats at strategic and tactical levels will survive and grow.” A strong, well-supported internal audit function will be essential.

For more information, visit

Print Friendly, PDF & Email
The following two tabs change content below.

Cy Sturdivant

Cy is a member of BKD’s IT Risk Services division and has more than nine years of public accounting, information technology (IT) and community banking experience. He focuses on IT general control services, IT assurance services and Service Organization Control (SOC) Reports® for financial institution clients.

Leave a Reply

Your email address will not be published. Required fields are marked *